change route

This is a discussion on change route within the Linux Programming forums, part of the Platform Specific Boards category; hello every1,
I need suggestion related change routing information from my program with user privileges. How I can change routing ...

change route

hello every1,
I need suggestion related change routing information from my program with user privileges. How I can change routing tables in my host linux or bsd based from user?
i.e. I launch my program with root, forked it and become use it with user privileges.
i.e2. I want make it more secure, therefore use user, but little bit stumbled about workable this situation.

The way other programs do this is to configure the port exactly as it needs to be, then demote yourself at run-time. This is assuming that you never need to change the configuration again. If this is the case, this is doable. Otherwise, perhaps you could fork() yourself and allow the parent to be the one that does the configuration, while the child (and its threads) answer all the calls to the outside world. The child would never have to have the higher privileges but would need to signal the parent when changes needed to be made (adding in an additional layer of security by adding in an additional layer).

In another words do full-trip pipe(or something else?) from parent to child(callback) and child to parent and as well as giving information to parent if that really needs? If that exact, then we could narrow bottleneck, but still use root privileges. I'm not use fork too much, usually pthread with shared-memory, because it more simple I think, then fork with signaling. anyway, how I can communicate parent and child instead of pipes or internal sockets?

I don't think you'll need a callback, just have a location in where you have an semaphore and a configuration struct that will allow you to change on the fly. Basically, you'll make your parent process sleep for most of the time. In fact, if you created a signal handler, your child could wake your parent whenever a change needed to be made (no need for a semaphore in this case).

I don't see why splitting the process is necessary. Just give yourself CAP_NET_ADMIN capability, then you can alter routing tables without needing to be root. Having a communication channel between an unprivileged and a privileged process seems scary to me. It's not an additional "layer of security," just another layer of complexity and potential bug-hiding place. An attack on your channel protocol could lead to unfettered root access. If you're so worried about coding errors that you're going to drop root access, what makes you think you won't make a coding error in your protocol?